Does Windows10 WiFi profile support blanks in password?

Question

Unable to connect to Wi-Fi with xml profile when password starts with blank space

Hello I am using Windows10 and my Wi-Fi card is Intel(R) Dual Band Wireless-AC 7265.

My ESSID (I will call it 'MY_NETWORK_SSID') has a password that starts with a blank space (let's say ' StartsWithWhiteSpace'), if I manually connect to the ESSID by selecting the network name and typing the password manually it works fine, but it fails if I do the connection with netsh command using this profile:

    <?xml version="1.0"?>
    <WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
        <name>MY_NETWORK_SSID</name>
        <SSIDConfig>
            <SSID>
                <hex>6D746C70617461625DA3546455727473</hex>
                <name>MY_NETWORK_SSID</name>
            </SSID>
        </SSIDConfig>
        <connectionType>ESS</connectionType>
        <connectionMode>auto</connectionMode>
        <MSM>
            <security>
                <authEncryption>
                <authentication>WPA2PSK</authentication>
                    <encryption>AES</encryption>
                    <useOneX>false</useOneX>
                    </authEncryption>
                    <sharedKey>
                        <keyType>passPhrase</keyType>
                        <protected>false</protected>
                        <keyMaterial>  StartsWithWhiteSpace</keyMaterial>
                    </sharedKey>
            </security>
        </MSM>
        <MacRandomization xmlns="http://www.microsoft.com/networking/WLAN/profile/v3">
            <enableRandomization>false</enableRandomization>
            <randomizationSeed>1191479147</randomizationSeed>
        </MacRandomization>
    </WLANProfile>

Note:
I also tried ( &#32 ; and \ ) to represent the blanks. I also tried protected=true and encoding the password keyMaterial field of this xml: " P@ssword!23" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString " P@ssword!23" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString

But unfortunately that doesnt work either.

Answer 1

This is expected behavior since XML parser clears the whitespaces. It should be possible to use PSK instead, which is also a little bit more secure in this use case. Not tested (no windows box around), but try to edit the XML like this:

            <sharedKey>
                <keyType>networkKey</keyType>
                <protected>true</protected>
                <keyMaterial>XXX</keyMaterial>
            </sharedKey>

Instead XXX put there the PSK, which can be calculated with various tools or online witch clientside JavaScript on one of those pages:

https://www.wireshark.org/tools/wpa-psk.html

http://jorisvr.nl/wpapsk.html

Answer 2

thank you for just response, I also found away to do it that requires less effort, just adding xml:space="preserve" .

<sharedKey xml:space="preserve">
    <keyType>passPhrase</keyType>
    <protected>false</protected>
    <keyMaterial> Whitespaces All over .! </keyMaterial>
</sharedKey>

The portion of powershell I use to do insert the attribute in the tag shareKey is:

$Xml_creator.WriteStartElement("sharedKey")
$Xml_creator.WriteAttributeString('xml:space', 'preserve')